The FreeBSD Team has issued a security advisory affecting the TCP protocol on current versions of FreeBSD. Please see the message and take measures to keep your FreeBSD system safe and secure by updating with the patches. A detailed report can be found at the link below.
CVE Name: CVE-2018-6922 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit <URL:https://security.FreeBSD.org/>. I. Background The Transmission Control Protocol (TCP) of the TCP/IP protocol suite provides a connection-oriented, reliable, sequence-preserving data stream service. To transmit a stream of data, TCP breaks the data stream into segments for transmission through the Internet, and reassembles the segments at the receiving side to recreate the data stream. II. Problem Description One of the data structures that holds TCP segments uses an inefficient algorithm to reassemble the data. This causes the CPU time spent on segment processing to grow linearly with the number of segments in the reassembly queue.
Original announcement: https://lists.freebsd.org/pipermail/freebsd-announce/2018-August/001837.html
The Register: FreeBSD has its own TCP-queue-of-death bug, easier to hose than Linux’s SegmentSmack